Course Description
Develop and Implement RESTful Services for Java, JAX-RS, Spring, Security & More
This course introduces developers to the core concepts, principles, and Java implementations for RESTful services. Today's development environments are increasingly dominated by sophisticated tooling that makes the implementation of RESTful services less arduous. The proper design of these services is far more complex and demanding. In this course, you will learn the principles and technologies that are used in building these services. This understanding is critical to being able to diagnose, troubleshoot, tune, and perform other lifecycle activities.
What You'll Learn
Basic concepts of REST
Similarities and differences between RESTful services and SOAP-based services
Security concerns associated with RESTful services
Design, develop, and deploy real-world RESTful Services
Implement RESTful services using JAX-RS to
Implement RESTful services using Spring REST to
Who Needs to Attend
Experienced Java developers and architects who need to identify, design, and implement web services.
Prerequisites
Working knowledge (at least one year) with Servlets and Spring
Familiarity with XML and JSON
Follow-On Courses
There are no follow-ons for this course.
Course Outline
1. Working with REST
Overview of REST
REpresentational State Transfer
REST Characteristics
REST Elements
REST Architectural Principles
REST and HTTP
REST/HTTP: Representation-Oriented
REST Design Principles
Designing RESTful Services
Effectively Designing RESTful Services
Best Practices for Endpoint Definition
Using Query Parameters
Working with HTTP GET and DELETE
Working with HTTP PUT
Working with HTTP POST
Best Practices for HTTP Methods
Handling Additional Operations
2. Implementing REST with JAX-RS
Overview of JAX-RS
JAX-RS Implementations
JAX-RS Service Class
JAX-RS Service Lifecycle Options
Consuming RESTful Services
@Path: URI Matching
@Path Annotation
@Path Expressions
@Path and Regular Expressions
HTTP Method Annotations
Injection Using JAX-RS
Parameters
Working with @PathParam
Header and Cookie Values Can be Injected
Working Programmatically with URI
Handling Exceptions
REST/HTTP 1.1 Error Response Codes
Overview of Exception Handling in JAX-RS
JAX-RS's WebApplicationException
Handling Content
JAX-RS Built-In Content Handlers
Content Marshaling
Using JAXB With JAX-RS
Working With JSON
Content Negotiation (Conneg)
RESTful Services in Spring
Spring Support for REST
Spring's Parameter Injection
Handling Transformations in Spring
Negotiated view-based rendering
HTTP Message Converters
RESTful Clients in Spring
Spring's Hidden Method Field
Processing Incoming REST Requests
Spring's Support for REST Clients
Performing GET Requests and Other Methods
3. Security and REST
Securing Untrusted Input
Input Data Attacks
Tenacious D
Responding to Error State
Best Practices for Untrusted Data
Defending REST
How Attackers See REST
Factors that Increase Attack Surface
Bridging and its Potential Problems
Dangerous Developer Assumptions
Three Basic Tenets for Safe REST
Labs
Hands-On Learning: As a programming class, this course provides multiple challenges labs for students to work through during the class. This workshop is about 50% hands-on lab and 50% lecture. Throughout the course students will be led through a series of progressively advanced topics, where each topic consists of lecture, group discussion, comprehensive hands-on lab exercises, and lab review. Multiple detailed lab exercises are laced throughout the course, designed to reinforce fundamental skills and concepts learned in the lessons. At the end of each lesson, developers will be tested with a set of review questions to ensure that he/she has fully understands that topic.
Agenda
Basic concepts of REST
Similarities and differences between RESTful services and SOAP-based services
Security concerns associated with RESTful services
Design, develop, and deploy real-world RESTful Services
Implement RESTful services using JAX-RS
Implement RESTful services using Spring REST
Implement RESTful Java clients:
- Develop JAX-RS Java clients using the JAX-RS 2.0 Client API
- Manage different Web targets
- Deal with content negotiation on the client
- Work with different data formats including XML and JSON
- Properly process server responses
Implement JAX-RS Filters and Interceptors
- Intercept and manipulate service requests and responses
- Dynamically register interceptor to resources
- Understand the concept of NameBinding
Discover asynchronous JAX-RS processing
- Implement an asynchronous JAX-RS service endpoint
- Register response listeners